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Examiner 

Carl Colin 



Applicant(s) ^ 

PARKER ET AL. 



Art Unit 

2136 



- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 25 January 2007 . 
2a)n This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim{s) 1-20 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) 13 Claim(s) 1-20 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)Q accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19{a)-{d) or (f). 
a)D All b)n Some * c)[J None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
' See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. In view of the Appeal Brief filed on 1/8/2007, PROSECUTION IS HEREBY 
REOPENED. A new ground of rejection is set forth below. 

To avoid abandonment of the application, appellant must exercise one of the following 
two options: 

(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 
CFR 1 . 1 1 3 (if this Office action is final); or, 

(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .3 1 followed by an 
appeal brief under 37 CFR 41.37. The previously paid notice of appeal fee and appeal brief fee 
can be applied to the new appeal. If, however, the appeal fees set forth in 37 CFR 41 .20 have 
been increased since they were previously paid, then appellant must pay the difference between 
the increased fees and the amount previously paid. 

A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by signing 



Response to Arguments 

2. In response to communications filed on 1/25/2007, the following claims 1-20 are 
pending. 



below. 
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2.1 Applicant's arguments in the appeal brief filed on 1/25/2007 with respect to claims 1 and 
14 have been fiilly considered but they are moot in view of a new ground of rejection. The 
rejection is set forth below. The rejections of the dependent claims not argued by Applicant are 
still applicable in this office action. 



Claim Rejections - 35 USC § 102 
3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for 
patent or (2) a patent granted on an application for patent by another filed in the United 
States before the invention by the applicant for patent, except that an international 
application filed under the treaty defined in section 351(a) shall have the effects for 
purposes of this subsection of an application filed in the United States only if the 
intemational application designated the United States and was published under Article 
21(2) of such treaty in the English language. 

Claims 1-2, 4-5, 14, and 20 are rejected under 35 U.S.C. 102(e) as being anticipated by 
US Patent 7,203,190 to Ruban et al. 



As per claim 1 : Ruban et al discloses a private network apparatus for connecting a user to 
an external Internet comprising: a plurality of security service pathways (i.e. switching services) 
each providing a respective combination of security service features (see column 12, lines 5-16); 
a service selection dashboard (application interface, column 8, lines 24-28) allowing said user to 
select from a plurality of security service features for user traffic to and fi-om said user (see 
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column 10, lines 65-67 and column 3, lines 59-65); a network management server coupled to 
said service selection dashboard for storing a subscriber configuration in response to said user 
selected security service features (see column 4, lines 31-32 and 53-58 and column 9, lines 39- 
44); Ruban et al discloses router SGI and suitable router R that meets the recitation of a 
pass-through router for coupling said user traffic to destination address (information service, CP, 
content provider or bank) (which is broadly interpreted as being part of extemal Internet address 
connection) independently of said security service pathways (such as switching services 
pathways SG3 and SG4), (see column 11, line 59 through column 12, line 7); a service selection 
gateway (such as SG as shown in fig. 2) coupled to said user for directing said user traffic to and 
from one of said service selection dashboard, said pass-through router, or one of said security 
service pathways; in fig. 4 in combination with column 11, line 51 through column 12, line 11, 
SGI may be interpreted as a service selection gateway for directing user either to router R or 
switching services SG3 and SG4 (see also column 7, lines 60-65 and column 3, lines 59-65); a 
security service router (ISP for instance as shown in fig.4) for coupling said security service 
pathways to said extemal Internet (see column 12, lines 8-13); 

wherein said service selection gateway directs said user traffic to said service selection 
dashboard if said subscriber configuration is in an initialized state (see column 10, lines 62- 
67); 

wherein said service selection gateway directs said user traffic either to a respective one of 
said security service pathways (switching services SG3 or SG4) or to said pass-through 
router (router R)in response to said subscriber configuration after initialization by said 
service selection dashboard. In fig. 4, SGI may be interpreted as a service selection gateway 
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for directing user either to router R or switching services SG3 and SG4 (see column 11, line 
51 through column 12, line 11; column 7, lines 60-65 and column 3, lines 59-65). 

As per claim 2: Ruban et al discloses the apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a firewall, (see column 11, lines ). 
5-24). 

As per claim 4: Ruban et al discloses the apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a content filter, (see column 12, lines 5-16) 

As per claim 5: Ruban et al discloses the apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a firewall and a content filter (see column 
11, lines 20-25). 

As per claim 14: Ruban et al discloses a method of providing security service in a 
network interface to an external internet, said method comprising the steps of: directing a user to 
a captive portal (application interface, column 8, lines 24-28) and presenting security service 
features to said user (see column 10, lines 65-67 and column 3, lines 59-65); storing a 
subscription profile for said user in response to security service features selected by said user 
through said captive portal (see column 4, lines 31-32 and 53-58 and column 9, lines 39-44); 
Ruban et al discloses a service selection gateway (such as SG as shovm in fig. 2) for receiving 
user traffic from said user destined for said external Intemet; in fig. 4 in combination with 
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column 1 1, line 51 through column 12, line 1 1, SGI may also be interpreted as a service 
selection gateway for receiving user traffic fi-om said user destined for said extemal Intemet see 
also colunm 7, lines 60-65 and column 3, lines 59-65); determining fi-om said subscription 
profile which security service features to apply to said user traffic (see column 7, lines 25-27); if 
said subscription profile for said user includes any security service features, then redirecting said 
user traffic to a particular security service pathway of a plurality of security service pathways, 
said particular security service pathway corresponding to said security service features identified 
by said user profile (see column 9, lines 27-38 and column 12, lines 5-16); and if said 
subscription profile for said user includes no security service features, then redirecting said user 
traffic to a pass-through router for coupling said user traffic to (information service, CP, content 
provider or bank) destination address (which is broadly interpreted as being part of extemal 
Intemet address connection) (see column 12, line 59 column 12, line 4). 

As per claim 20: Ruban et al discloses network element such as SG1-SG4, service 
gateway routers for routing from service selection gateway to said security service pathways and 
for routing from security service pathways to said security service router (fig. 4). It is also 
disclosed that the routers comprise switching component and that the data packets passed on 
through PVC, SVC technology (see column 11, lines 59-67). The gateway can be reasonably 
interpreted as providing switching and routing. For instance, SGI coupling the service selection 
module to the secure pathways and SG3, SG4 coupling the security service pathways to ISPs as 
shown in fig. 4 (see column 1 1, line 45 through column 12, line 17). 
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4. Claims 3, 6-13, and 15-19 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Ruban et al et al. US (6,230,271) in view of Schneider et al. US (6,178,505). 

As per claim 3: the combined references disclose the claimed apparatus of claim 1. 
Ruban et al discloses a plurality of security service pathways (see column 5, lines 17-27) but is 
silent about including at least one pathway having a virus scanner. However Schneider in an 
analogous art teaches control of access to data in a distributed environment using antivirus 
module in a network apparatus to provide further protection to users data packet (see column 42, 
lines 10-29). Therefore it would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify Ruban et al system with the teaching of Schneider to include 
virus scanners on the security pathways. One of ordinary skill in the art would have been 
motivated to do so in order to provide an additional level of security to the user by ensuring that 
the transmitted information came from authorized source and doesn't contain any viruses. 

As per claim 6: Ruban et al discloses the claimed apparatus of claim 1 . Schneider 
discloses access filter in secure gateway that provides firewall protection (see column 2, lines 36- 
62) in combination with anti-virus module to provide further protection to users data (see column 
42, lines 10-29). Therefore, claim 6 is rejected on the same rationale as the rejection of claim 3 
above. 

As per claim 7: Ruban et al discloses the claimed apparatus of claim 1 . Schneider 
discloses content filter in combination with anti-virus module to provide further protection to 
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users data (see column 40, lines 42-60 and column 42, lines 10-29). Therefore, this claim is 
rejected on the same rationale as the rejection of claim 3 above. 

As per claim 8: Ruban et al discloses the claimed apparatus of claim 1. Schneider 
discloses content access filter in secure gateway that provides firewall protection (see column 2, 
lines 36-62) in combination with anti-virus module to provide further protection to users data 
(see column 42, lines 10-29). Therefore, this claim is rejected on the same rationale as the 
rejection of claim 3 above. 

As per claim 9: Ruban et al discloses the claimed apparatus of claim 1. Schneider 
discloses security pathways including at least two pathways having firewalls said firewalls 
respectively providing different grades of firewall protection (see column 3, lines 30-56). 
Therefore, this claim is rejected on the same rationale as the rejection of claim 3 above. 

As per claim 10: the combined references disclose the claimed apparatus of claim 9. 
Schneider discloses security pathways including at least two pathways having firewalls said 
firewalls respectively providing different grades of firewall protection (see column 3, lines 30- 
56); Schneider discloses checking access at two levels, but does not explicitly specify the 
number of firewall levels to 3. It only requires routine skill in the art to change the level to a 
desired number so as to meet the design choice. One of ordinary skill in the art would have been 
motivated to do so in order to assign the filtering to specific gateways as suggested by Schneider. 
Therefore, this claim is rejected on the same rationale as the rejection of claim 3 above. 
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As per claim 1 1 : the combined references disclose the claimed apparatus of claim 10. 
Schneider discloses using of firewall providing low grade protection by blocking outgoing traffic 
(see column 3, lines 30-56). Therefore, this claim is rejected on the same rationale as the 
rejection of claim 3 above. 

As per claim 12: the combined references disclose the claimed apparatus of claim 10. 
Schneider discloses using of firewall providing medium grade protection by blocking outgoing 
and incoming traffic (see column 3, lines 1-15 and 30-56). Therefore, this claim is rejected on 
the same rationale as the rejection of claim 3 above. 

As per claim 13: the combined references disclose the claimed apparatus of claim 10. 
Schneider discloses using of firewall providing high grade protection for outgoing traffic and 
also discloses virus checking (see column 42, lines 10-29) that meets the recitation of blocking 
all incoming traffic not initiated by said user. Therefore, this claim is rejected on the same 
rationale as the rejection of claim 3 above. 

As per claim 15: Schneider discloses content access filter in secure gateway that provides 
firewall protection (see column 2, lines 36-62) in combination with anti-virus module to provide 
further protection to users data (see column 42, lines 10-29). Therefore, this claim is rejected on 
the same rationale as the rejection of claim 3 above. 



Application/Control Number: 10/003,816 Page 10 

Art Unit: 2136 

As per claim 16: Schneider discloses selecting policy definition for firewall protection 
including adding/deleting access filter that meets the recitation of wherein said firewall services 
comprise selectable grades of firewall protection including a high grade firewall protection, a 
medium grade firewall protection, and a low grade firewall protection (see column 24, lines 17- 
67). Therefore, this claim is rejected on the same rationale as the rejection of claim 3 above. 

As per claims 17-19: these claims disclose the same limitations as claims 11-13 
Therefore, these claims are rejected on the same rationale as the rejection of claims 11-13 above. 

Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. See PTO-form 892. 

5.1 Any inquiry conceming this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 571-272-3862. The 
examiner can normally be reached on Monday through Thursday, 8:00-6:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser G. Moazzami can be reached on 571-272-4195. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/C.C./ 
Carl Colin 

Patent Examiner, A.U. 2136 
June 8, 2007 



NASSER MOAZZAMI 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




